From owner-freebsd-stable@FreeBSD.ORG Tue Mar 13 13:24:13 2007 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BA3F516A404 for ; Tue, 13 Mar 2007 13:24:13 +0000 (UTC) (envelope-from matthew.herzog@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.191]) by mx1.freebsd.org (Postfix) with ESMTP id 4CE2A13C483 for ; Tue, 13 Mar 2007 13:24:13 +0000 (UTC) (envelope-from matthew.herzog@gmail.com) Received: by nf-out-0910.google.com with SMTP id k27so2373204nfc for ; Tue, 13 Mar 2007 06:24:12 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=ZN2Cd0Pd+2mfwGITY96uL72JZeah8cajVxr3pZ9K1uyhwyjeXNm0D7R32r+koB2Te0CNeeTmuFXOnWLWRJL9DIp6u4F/y2v3Mneql5z768OjIwc1pkAiEgTULA+0am9Oj5NzWHxOaJt7+bxWcy3gr7bWAU14X8pwsu6qQQnXEoA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=LBleUHfWSwAmsbFX2VrQyeYXTX6vhk9kI25n6JCkzp1xU2jhQIbo5by0/GCiIJdjoPgAmb6RgLr9dCqXWR2AF9pk84WFXuMMOwWaBcqX8JP+XnCs8fArHVXbDCWgIY09c3Z57lgAT8UOH6xADQzb9tAEAsBUmX9GXCYESKTgiaU= Received: by 10.82.134.12 with SMTP id h12mr1678444bud.1173792251766; Tue, 13 Mar 2007 06:24:11 -0700 (PDT) Received: by 10.82.190.9 with HTTP; Tue, 13 Mar 2007 06:24:11 -0700 (PDT) Message-ID: <7cf39bb60703130624u17822b2ch50900152e86cef39@mail.gmail.com> Date: Tue, 13 Mar 2007 09:24:11 -0400 From: "Matthew Herzog" To: "FreeBSD Stable" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <7cf39bb60703122058w5aa925f5ke0949a5d541d2a49@mail.gmail.com> Subject: Re: 6.1 to 6.2 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Mar 2007 13:24:13 -0000 Hmm. The rc subsystem is supposed to handle the order, i.e. you should never need to think about the order of services in rc.conf. I can't help thinking I am missing something in the kernel. Do you have any kernel modules running? On 3/13/07, Alban Hertroys wrote: > On Mar 13, 2007, at 4:58, Matthew Herzog wrote: > > > Hello. > > The 6.1 install is intact on disk0 and still works fine. I copied my > > ipfilter and ipnat config files to the new system after building an > > ipf/ipnat enabled kernel on the 6.2 install but the machine is not > > acting > > as a gateway. In fact, I can't even ssh into it from inside or outside > > Does issuing ipf -F a -f /etc/ipf.rules help? I can't remember. If I had a dime for every time I have had to run that command since I discovered netbsd in 1999 I'd be wealthy. Heh. My ipfilter rules and pretty liberal and I do not have DEFAULT_BLOCK in the kernel. > > It solved a similar looking problem for me on my amd64 home gateway. > I could still log into the server from my LAN, but not all of my > rules were active somehow. Reloading the rule-set from a shell (after > each reboot) helped. > > If it does, I guess there's an rc-order problem somewhere? > As a temporary workaround (haven't tried yet) you could add that line > to rc.local. > > Note: My server runs a 6-STABLE from shortly after 6.2-RELEASE. > -- > Alban Hertroys > > "If you throw your hands up in the air, > how're you gonna catch them?" > > > > > !DSPAM:667,45f65bba9417165217099! > > >